Keep Security in Mind When Launching Big Data Initiatives

Big data is one of the hottest IT trends right now and organizations are scrambling to adopt solutions to gain new insights into their business. David Barton, principal and practice leader of the technology assurance group at Atlanta-based UHY Advisors, told CRN.com that cloud and data center security must be on point before really utilizing this solution. In a speech at MIS Training Institute’s Conference on Big Data Security, he said most companies focus more on sales than results or security when it comes to a big data project, but this will likely be a mistake.

“Rapid analysis and deployment is the whole point of using the cloud, and data security and privacy slow things down,” he said. “Rather than alert security, they will go around you, under you or over you to get it done.”

Barton said businesses must be careful of which data center their information is going to and where it is located, as there may be unwittingly sharing same virtual servers with competitors. In fact, he told the crowd that many businesses are likely tied together in ways they hadn’t pictured before. There may also be vulnerabilities exposed by denial of service attacks happening on the same server, showing the importance of being choosy when it comes to where to store and access big data as it comes into an organization.

Dealing with big data is becoming more important as a greater number of businesses start to invest in the technology, as a recent report by Techaisle showed 18 percent of mid-market companies have already invested in big data. Another 25 percent are considering an investment, with 29 percent believing it will be one of the most important decision making tools in their organization.

Along with making sure data centers are secure, Barton said businesses using it must be sure the tools, such as Hadoop, is altered or protected so it is more closely guarding information. Servers should be validated to make sure security is in place and there must be a high level of cloud computing security and control. In his role as an auditor, Barton said he will often search out documentation that is reviewed regularly, shows controls in place and proves testing and communication is being used within the company.